Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/bb9ff1-b773-4cc5-ac14-db10b3d02a7e/1/tTpXvMhaQMwZ3auTsMCwrHrO1rg.roa
File: tTpXvMhaQMwZ3auTsMCwrHrO1rg.roa (raw, json)
Hash identifier: 0SelyUA7tE62Jg0tIJfPQL8MmibIfJuCnVO+jzfLEcE=
Subject key identifier: B5:3A:57:BC:C8:5A:40:CC:19:DD:AB:93:B0:C0:B0:AC:7A:CE:D6:B8
Certificate issuer: /CN=9f38ac45bb2af436ff740f0d01e1a7a71757b67e
Certificate serial: C413
Authority key identifier: 9F:38:AC:45:BB:2A:F4:36:FF:74:0F:0D:01:E1:A7:A7:17:57:B6:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzisRbsq9Db_dA8NAeGnpxdXtn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/bb9ff1-b773-4cc5-ac14-db10b3d02a7e/1/tTpXvMhaQMwZ3auTsMCwrHrO1rg.roa
Signing time: Fri 20 May 2022 13:13:13 +0000
ROA not before: Fri 20 May 2022 13:13:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34354
IP address blocks: 89.221.112.0/23 maxlen: 23
89.221.114.0/23 maxlen: 23
89.221.118.0/23 maxlen: 23
85.158.72.0/21 maxlen: 21
89.221.116.0/23 maxlen: 23
89.221.124.0/23 maxlen: 23
89.221.122.0/23 maxlen: 23
89.221.120.0/23 maxlen: 23
89.221.126.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 50195 (0xc413)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f38ac45bb2af436ff740f0d01e1a7a71757b67e
Validity
Not Before: May 20 13:13:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b53a57bcc85a40cc19ddab93b0c0b0ac7aced6b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:77:52:1d:4f:c1:74:f3:db:8c:03:c1:11:6d:
29:e9:ed:9e:6c:ea:90:21:49:f9:15:9d:f4:ea:76:
a3:22:d1:44:6d:40:3e:fa:c0:e5:47:6c:ee:77:b1:
01:aa:6f:02:b2:d5:92:5b:66:5b:ab:cc:c7:d4:8b:
49:7d:6d:1b:be:fe:1e:41:18:0a:79:dc:90:85:07:
67:3d:51:02:6c:a7:19:89:8c:23:e9:74:e5:d8:62:
60:1b:00:79:ab:ee:c4:32:58:4e:da:59:bb:3b:99:
7c:c8:ec:14:e2:89:87:74:ae:cc:64:15:8e:8a:75:
24:63:14:1b:4e:34:67:f6:f0:c8:a8:82:af:bc:d8:
7a:55:f6:03:ab:b9:e2:1d:e6:de:40:8b:45:fa:bb:
e0:c6:ff:4d:8e:63:ef:eb:a7:cc:77:33:8a:34:78:
d7:5d:de:94:fc:43:63:a2:f1:eb:ff:0d:a4:af:bc:
dc:a9:1d:1a:15:85:4d:df:ed:61:d2:a3:59:42:1b:
7a:55:13:42:db:a7:04:9e:46:ed:65:1f:08:64:5d:
28:fa:df:48:7e:f9:9f:71:6d:e5:a0:2f:40:ae:c7:
5c:19:d1:0b:f9:d1:51:48:f9:e4:c8:9a:94:d5:84:
61:62:95:3b:33:01:04:64:00:fa:cf:9d:7b:9b:1b:
ce:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:3A:57:BC:C8:5A:40:CC:19:DD:AB:93:B0:C0:B0:AC:7A:CE:D6:B8
X509v3 Authority Key Identifier:
keyid:9F:38:AC:45:BB:2A:F4:36:FF:74:0F:0D:01:E1:A7:A7:17:57:B6:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzisRbsq9Db_dA8NAeGnpxdXtn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bb9ff1-b773-4cc5-ac14-db10b3d02a7e/1/tTpXvMhaQMwZ3auTsMCwrHrO1rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/bb9ff1-b773-4cc5-ac14-db10b3d02a7e/1/nzisRbsq9Db_dA8NAeGnpxdXtn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.72.0/21
89.221.112.0/20
Signature Algorithm: sha256WithRSAEncryption
c0:00:bb:92:a6:81:21:8d:36:7d:2e:71:fa:c5:15:77:fe:77:
b6:72:0d:9b:48:e3:7f:90:35:87:d8:6e:df:6e:84:2b:ca:31:
c5:9e:ca:5f:dc:36:9b:37:5a:45:d4:b6:16:18:3a:0d:39:52:
12:fa:45:11:96:c8:90:2a:52:a4:3e:f1:f7:b7:4f:c0:a9:25:
fb:c9:5f:dd:ad:20:10:10:00:21:56:7e:35:dc:3d:bb:ff:5b:
79:7e:c9:0e:1a:9c:f6:0c:a8:e0:3c:fe:03:f1:59:dd:84:74:
2c:f1:29:51:2f:0d:d4:6f:f2:5a:d6:92:0f:24:29:00:c6:e5:
7a:ce:56:99:32:e6:dc:00:72:96:a8:78:54:4d:d1:32:72:84:
c5:2c:67:de:63:89:b0:fc:45:ae:c2:6a:5d:2c:c2:62:87:4c:
b7:62:fd:29:f2:78:f8:48:56:63:79:c0:08:83:12:a6:60:d1:
0a:f9:07:0f:75:8c:c9:43:51:e0:ff:06:a0:b4:26:1e:ae:27:
78:ee:97:6f:5d:9b:6f:3c:b0:fb:aa:5c:5d:f9:15:18:52:1c:
3d:89:3f:8d:c4:54:cf:ff:4c:38:a8:ee:8e:ee:b3:74:63:6b:
3f:2e:76:1f:04:d5:86:fe:f6:00:53:35:f7:9d:f2:fc:2c:f5:
c3:90:dd:26
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDAMQTMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDlm
MzhhYzQ1YmIyYWY0MzZmZjc0MGYwZDAxZTFhN2E3MTc1N2I2N2UwHhcNMjIwNTIw
MTMxMzEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhiNTNhNTdiY2M4NWE0
MGNjMTlkZGFiOTNiMGMwYjBhYzdhY2VkNmI4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvndSHU/BdPPbjAPBEW0p6e2ebOqQIUn5FZ306najItFEbUA+
+sDlR2zud7EBqm8CstWSW2Zbq8zH1ItJfW0bvv4eQRgKedyQhQdnPVECbKcZiYwj
6XTl2GJgGwB5q+7EMlhO2lm7O5l8yOwU4omHdK7MZBWOinUkYxQbTjRn9vDIqIKv
vNh6VfYDq7niHebeQItF+rvgxv9NjmPv66fMdzOKNHjXXd6U/ENjovHr/w2kr7zc
qR0aFYVN3+1h0qNZQht6VRNC26cEnkbtZR8IZF0o+t9IfvmfcW3loC9ArsdcGdEL
+dFRSPnkyJqU1YRhYpU7MwEEZAD6z517mxvOCQIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFLU6V7zIWkDMGd2rk7DAsKx6zta4MB8GA1UdIwQYMBaAFJ84rEW7KvQ2/3QP
DQHhp6cXV7Z+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bnppc1Jic3E5RGJfZEE4TkFlR25weGRYdG40LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83My9iYjlmZjEtYjc3My00Y2M1LWFjMTQtZGIxMGIzZDAyYTdlLzEv
dFRwWHZNaGFRTXdaM2F1VHNNQ3dySHJPMXJnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9i
YjlmZjEtYjc3My00Y2M1LWFjMTQtZGIxMGIzZDAyYTdlLzEvbnppc1Jic3E5RGJf
ZEE4TkFlR25weGRYdG40LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVZ5IAwQEWd1wMA0GCSqGSIb3DQEB
CwUAA4IBAQDAALuSpoEhjTZ9LnH6xRV3/ne2cg2bSON/kDWH2G7fboQryjHFnspf
3DabN1pF1LYWGDoNOVIS+kURlsiQKlKkPvH3t0/AqSX7yV/drSAQEAAhVn413D27
/1t5fskOGpz2DKjgPP4D8VndhHQs8SlRLw3Ub/Ja1pIPJCkAxuV6zlaZMubcAHKW
qHhUTdEycoTFLGfeY4mw/EWuwmpdLMJih0y3Yv0p8nj4SFZjecAIgxKmYNEK+QcP
dYzJQ1Hg/wagtCYerid47pdvXZtvPLD7qlxd+RUYUhw9iT+NxFTP/0w4qO6O7rN0
Y2s/LnYfBNWG/vYAUzX3nfL8LPXDkN0m
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:57 2024 by rpki-client on console-ams.rpki-client.org